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Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )KI Responsive to communication(s) filed on 16 January 2008 . 
2a )^ This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
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DETAILED ACTION 



1. 



This Office action is in response to the amendment filed on 1/16/08. 



2. 



Claims 1-28 are pending. 



Response to Arguments 



3. Applicant's arguments have been fully considered but they are not persuasive. 

4. With respect to the 101 rejections, applicant argues that the instant claims are 
directed to statutory subject matter because the current law holds that a "storage 
medium" having stored there on are directed to statutory subject matter. (See Remarks, 
pgs. 2-3). Granted, a claim claiming a "storage medium" or "computer-readable 
medium" are on face value presumed to be statutory subject matter. However, this 
argument is insufficient because applicant provides a definition that expands the 
ordinary meaning of the term to include nonstatutory subject matter; i.e. when the 
specification defines the medium in question as transitory in nature, the medium 
claimed is not statutory (In re Nuijten, No. 06-1371 (Fed. Cir. 2007), pg. 11 ["Nuijten and 
the PTO agree that the claims include physical but transitory forms of signal 
transmission such as radio broadcasts, electrical signals through a wire, and light 
pulses through a fiber-optic cable, so long as those transmissions convey information 
encoded in the manner disclosed and claimed by Nuijten. We hold that such transitory 
embodiments are not directed to statutory subject matter"]). Here, Applicant has 
claimed a product comprising a recording medium, (claim 19) Applicant further defines 
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that "[embodiments of a computer program product may be implemented by use of any 
recording medium for machine-readable information, including magnetic media, optical 
media, transmission media, or other suitable media." (pg. 6) As held in Nuijten, 
transmission media is not recognized as one of the four categories of statutory subject 
matter. 

5. With respect to the 102 rejections, applicant argues: 

Botz's user identity mapping mechanism, however, does not disclose receiving from a 
system entity, in a security service, security information in a native format of a first security 
domain regarding a system entity having an identity in at least one security domain and returning 
to the system entity the security information in the native format of the second security domain as 
claimed in the present application because Botz's user identity mapping mechanism operates 
exclusively within a single domain to correlate a user's local user identities stored in different user 
registries within the single domain. Botz at column 9, line 59, states that a domain "represents a 
logical division for managing user identities." Botz then goes on to describe how a global identifier 
for a user is used to map a user's local identity in a user registry within a domain to that user's 
local identity in a different user registry within the same domain. See Botz at column 9, line 59, 
through column 10, line 25, and Figure 14. That is, Botz never receives security information in a 
native format of a first security domain and returns the security information in the native format of 
a second security domain as claimed in the present application because Botz is only concerned 
with mapping user identities among registries within a single domain. Because Botz does not 
disclose each and every element and limitation of Applicants' claims, Botz does not anticipate 
Applicants' claims, and the rejections under 35 U.S.C. § 102 should be withdrawn, (pg. 6) 



6. Applicant's argument is not persuasive because Botz's invention functionally 
suggests the relevant limitations of the claims. Although Botz does disclose the 
mapping mechanism within a single domain as indicated by applicant, the "domain" as 
defined by Botz is not limiting as suggested by the applicant. A domain, as taught by 
Botz, does not define security divisions as claimed in applicant's claims. Rather, the 
domain of Botz's invention defines general logical divisions ("The domain 1410 
represents a logical division for managing user identities. A domain 1410 can be a 
company, a division within a company, a building within a division, or any other division 



that indicates a physical relationship. Furthermore, a domain 1410 can be strictly logical 
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divisions, such as hourly employees and salaried employees," col. 9:60-65) As outlined 
in the rejections below, applicant's claimed recitation of a native format of a first and 
second security domains are in fact suggested by the various environments which 
utilize different security protocols (see fig. 10). As taught by Botz, each local user 
identity on their respective security environments is mapped to the other local user 
identities via an enterprise identifier, (col. 9:46-54) For these reasons, Botz anticipates 
claims 1-6, 10-15, 19-24 and 27. 

7. Finally, with respect to applicant's allegations that Botz does not disclose other 
limitations of the claims (see pg. 9), these arguments are merely conclusionary and do 
not provide any rational why the limitations are not suggest by the prior art. Such a 
response does not adequately rebut a prima facie case for rejection of the claims. 
Hence, claims 7-9, 16-18, 25, 26 and 28 remain rejected under the prior art of record. 

Claim Rejections - 35 USC § 101 

8. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 10-28 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. These claims do no restrict the claimed 
invention to statutory classes of invention. Rather, the specification defines computer 
program products embodied on a recording medium to encompass transmission media. 
(See Specification, pg. 6, line 22) Hence, these claims are limited to statutory subject 
matter. 
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Claim Rejections - 35 USC § 102 

9. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

10. Claims 1-6, 10-15 and 19-24 and 27 are rejected under 35 U.S.C. 102(b) as 
being anticipated by Botz et al. USPN 6,981 ,043 (hereinafter Botz). 

11. As per claims 1 9-24 and 27, Botz discloses a computer program product for 
cross domain security information conversion (figs. 14, 15 and 22), the computer 
program product comprising: 

a. a recording medium; (fig. 6) 

b. means, recorded on the recording medium, for receiving from a computer 
program product entity, in a security service, security information in a native 
format of a first security domain regarding a computer program product entity 
having an identity in at least one security domain; (14:17-30) 

c. means, recorded on the recording medium, for translating the security 
information to a canonical format for security information; 

d. means, recorded on the recording medium, for transforming the security 
information in the canonical format using a predefined mapping from the first 
security domain to a second security domain; (9:46-54; fig. 10) 
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e. means, recorded on the recording medium, for translating the transformed 
security information in the canonical format to a native format of the second 
security domain (10:35-38 and lines 38-52; fig. 21 "RetrieveUser" and 
"RetrieveUserDefinition"); and 

f. means, recorded on the recording medium, for returning to the computer 
program product entity the security information in the native format of the second 
security domain (14:30-34; fig. 21); 

12. wherein means, recorded on the recording medium, for transforming the security 
information includes means, recorded on the recording medium, for structure 
transformation and value transformation, including means, recorded on the recording 
medium, for mapping a system entity's identity in the first security domain to a another 
identity in the second security domain; (figs. 16-21) 

13. wherein means, recorded on the recording medium, for receiving security 
information further comprises means, recorded on the recording medium, for receiving a 
request for security information for the second security domain, wherein the request 
encapsulates the security information in a native format of a first security domain; 
(14:23-34) 

14. wherein the computer program product entity comprises a computer program 
product entity requesting access to a resource in the second security domain; (14:31- 
32) 

1 5. wherein the computer program product entity comprises a computer program 
product entity providing access to a resource in the second security domain; (14:31-32) 
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16. wherein means, recorded on the recording medium, for translating the security 
information in a native format of a first security domain to a canonical format comprises 
a procedural software function; wherein means, recorded on the recording medium, for 
translating the transformed security information in the canonical format to a native 
format of the second security domain comprises a procedural software function (figs. 
16-21, "APIs") 

1 7. As per claims 1 -6, they are claims corresponding to claims 1 9-24 and 27, and 
they do not teach or define above the information claimed in claims 19-24 and 27. 
Therefore, claims 1-6 are rejected as being anticipated by Botz for the same reasons 
set forth in the rejections of claims 19-24 and 27. 

18. As per claims 1 0-1 5, they are claims corresponding to claims 1 9-24 and 27, and 
they do not teach or define above the information claimed in claims 19-24 and 27. 
Therefore, claims 10-15 are rejected as being anticipated by Botz for the same reasons 
set forth in the rejections of claims 19-24 and 27. 

Claim Rejections - 35 USC § 103 

1 9. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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20. Claims 7-9, 16-18, 25, 26 and 28 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Botz in view of Bussler et al. USPN 7,072,898 (hereinafter Bussler). 

21 . As per claims 25, 26 and 28, the rejections of claims 1 9-24 and 27 as being 
anticipated by Botz are incorporated herein. Botz does not disclose expressing the first 
native format, the canonical format nor the second native format in XML, whereby 
security information is translated between the first native format and the second native 
format via the canonical format via XSL. Bussler discloses an apparatus for exchanging 
communications between heterogeneous applications wherein data items go through 
five processes between a source and destination: 1) source-side native phase, 2) 
source-side application phase, 3) common view phase, 4) target-side application phase, 
and 5) target-side native phase, whereby the source-side application phase, common 
view phase and target-side application phase utilize XML to express the data from the 
source-side application to the target-side application and vice versa. (3:60-4:43; 5:15- 
7:51) Furthermore, XSL is the standard means of defining transformations of an XML 
file. Finally, Bussler discloses that the invention overcomes deficiencies of prior 
inventions, which centralize integration procedures, by disbursing the integration over 
the several participants of the communication. (2:30-36) Therefore, it would be obvious 
to one of ordinary skill in the art at the time the invention was made for the computer 
program product of Botz to further include wherein means, recorded on the recording 
medium, for translating the security information in a native format of a first security 
domain to a canonical format comprises a mapping, expressed in XSL, from the native 
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format of the first security domain to a canonical format; wherein the canonical format is 
expressed in XML and the predefined mapping from the first security domain to a 
second security domain is expressed in XSL; wherein the second native format is 
expressed in XML, the canonical format is expressed in XML, and means, recorded on 
the recording medium, for translating the transformed security information in the 
canonical format to a native format of the second security domain comprises a 
predefined mapping, expressed in XSL, from the canonical format to the native format 
of the second security domain. One would be motivated to do so to disburse the 
integration over the several participants of the communication, thereby reducing the 
complexity of the conversion (Bussler, 2:30-36) The aforementioned cover the 
limitations of claims 25, 26 and 28. 

22. As per claims 7-9, the rejections of claims 25, 26 and 28 under 35 USC 1 03(a) as 
being unpatentable over Botz in view of Bussler are incorporated herein. In addition, 
Bussler discloses wherein the native format of the first security domain is expressed in 
XML. (col. 6:3-34) One would be motivated to combine the teachings of Bussler with the 
invention of Botz to disburse the integration over the several participants of the 
communication, thereby reducing the complexity of the conversion (Bussler, 2:30-36). 
The aforementioned cover the limitations of claims 7-9. 

23. As per claims 1 6-1 8, they are claims corresponding to claims 25, 26 and 28, and 
they do not teach or define above the information claimed in claims 25, 26 and 28. 
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Therefore, claims 16-18 are rejected as being unpatentable over Botz in view of Bussler 
for the same reasons set forth in the rejections of claims 25, 26 and 28. 



Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Communications Inquiry 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to JUNG KIM whose telephone number is (571)272-3804. 
The examiner can normally be reached on FLEX. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



/Jung Kim/ 

Patent Examiner, Art Unit 2132 
/Gilberto Barron Jr/ 

Supervisory Patent Examiner, Art Unit 2132 



